---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: Debian update for phpbb2 SECUNIA ADVISORY ID: SA28871 VERIFY ADVISORY: http://secunia.com/advisories/28871/ CRITICAL: Less critical IMPACT: Cross Site Scripting, Manipulation of data, System access WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux 3.1 http://secunia.com/product/5307/ Debian GNU/Linux 4.0 http://secunia.com/product/13844/ Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ DESCRIPTION: Debian has issued an update for phpbb2. This fixes some vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting and cross-site request forgery attacks. For more information: SA22188 SA23283 SA28630 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/p/phpbb2/phpbb2_2.0.13+1-6sarge4.diff.gz Size/MD5 checksum: 67912 c403597d08f4c5af0f62b84c5ee72a7e http://security.debian.org/pool/updates/main/p/phpbb2/phpbb2_2.0.13+1.orig.tar.gz Size/MD5 checksum: 3340445 678d0cb0372e46402a472c510fb90d78 http://security.debian.org/pool/updates/main/p/phpbb2/phpbb2_2.0.13+1-6sarge4.dsc Size/MD5 checksum: 1011 d5ca94a7a4c2b3468428a993a1dbc5cc Architecture independent packages: http://security.debian.org/pool/updates/main/p/phpbb2/phpbb2-conf-mysql_2.0.13-6sarge4_all.deb Size/MD5 checksum: 37766 f0df2114bd60d9b84fbda1d241294fdd http://security.debian.org/pool/updates/main/p/phpbb2/phpbb2_2.0.13-6sarge4_all.deb Size/MD5 checksum: 526154 944e55e056fc34d970e95b78201589fe http://security.debian.org/pool/updates/main/p/phpbb2/phpbb2-languages_2.0.13-6sarge4_all.deb Size/MD5 checksum: 2868920 f10c4962035ede6e02417b8098efeda0 -- Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updates/main/p/phpbb2/phpbb2_2.0.21-7.dsc Size/MD5 checksum: 1051 88ad3a4f2ee714cce779873b53ebd323 http://security.debian.org/pool/updates/main/p/phpbb2/phpbb2_2.0.21.orig.tar.gz Size/MD5 checksum: 3203456 30383a9bf6c5d21736e4bdf9ec7852d5 http://security.debian.org/pool/updates/main/p/phpbb2/phpbb2_2.0.21-7.diff.gz Size/MD5 checksum: 90580 896f80500e90867741c516e57fc8bfcc Architecture independent packages: http://security.debian.org/pool/updates/main/p/phpbb2/phpbb2-languages_2.0.21-7_all.deb Size/MD5 checksum: 2791410 afd8a0fe8138c8a5cf00a3e4ac10ac59 http://security.debian.org/pool/updates/main/p/phpbb2/phpbb2_2.0.21-7_all.deb Size/MD5 checksum: 554842 e8825ef3431bfe7ccf72f9f59f13a119 http://security.debian.org/pool/updates/main/p/phpbb2/phpbb2-conf-mysql_2.0.21-7_all.deb Size/MD5 checksum: 53706 49baf96bcc1c273a93e8bb5169dca722 -- Debian GNU/Linux unstable alias sid -- Fixed in version 2.0.22-3. ORIGINAL ADVISORY: http://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00048.html OTHER REFERENCES: SA22188: http://secunia.com/advisories/22188/ SA23283: http://secunia.com/advisories/23283/ SA28630: http://secunia.com/advisories/28630/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------